Linux testing tool tcpdump command for executing related functions

Source: Internet
Author: User

The Linux test tool tcpdump command is used to monitor TCP/IP connections and directly read data headers at the data link layer. You can specify which data packets are monitored and which control formats are to be displayed. For example, to monitor the communication between all Ethernet connections, run the following command: tcpdump-I eth0. Let's take a look at the specific content.

Even on a relatively calm network, there is a lot of communication, so we may only need to get the information of the packets we are interested in. In general, the TCP/IP stack only binds data packets from the local host to the receiving station and ignores the address of other computers on the Network (unless you are using a vro ). When you run the tcpdump command, it sets the TCP/IP stack to promiscuous mode. This mode can receive all the data packets and display them effectively. If we only care about the communication of our local host, one way is to use the "-p" parameter to disable promiscuous mode, and another way is to specify the Host Name:

Tcpdump-I eth0 host hostname

In this case, the system only monitors the communication data packets of the host named hostname. The host name can be a local host or any computer on the network. The following command reads all data sent by the host hostname:

Tcpdump-I eth0 src host hostname

The following command monitors all data packets sent to the host hostname using the Linux testing tool:

Tcpdump-I eth0 dst host hostname

We can also use the Linux testing tool to monitor data packets through the specified Gateway:

Tcpdump-I eth0 gateway Gatewayname

If you want the Linux testing tool to monitor the TCP or UDP data packets mapped to the specified port, run the following command:

Tcpdump-I eth0 host hostname and port 80

This command displays the outgoing headers from each packet and the address of port 80 from the host hostname. Port 80 is the default HTTP service port number. If we only need to list the data packets sent to port 80, use dst port; if we only want to see the data packets returned to port 80, use src port.

  1. View process commands and specific operations in Linux
  2. Linux network traffic monitoring tool installation and functions
  3. How to view Linux Nic traffic and Its Features
  4. Introduction to Linux Command to view performance
  5. Network for Linux performance monitoring

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.